|
3811
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/queue: Call fini on exec queue creation fail
Every call to queue init should have a corresponding fini call.
Skipping this…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-23350
|
2026-04-25 03:05 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3812
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
drm/xe/queue: Llamar a fini al fallar la creación de la cola de ejecución
Cada llamada a init de cola debería tener una llamada …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-23350
|
2026-04-25 03:05 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3813
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39708
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3814
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through <= 1.…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-39709
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3815
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through <= 2…
|
CWE-352
Origin Validation Error
|
CVE-2026-39710
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3816
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions:…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-39711
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3817
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a th…
|
CWE-80
Basic XSS
|
CVE-2026-39712
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3818
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorr…
|
CWE-862
Missing Authorization
|
CVE-2026-39713
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3819
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in G5Theme G5Plus April g5plus-april allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects G5Plus April: from n/a through <= 6…
|
CWE-862
Missing Authorization
|
CVE-2026-39714
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3820
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
|
CWE-862
Missing Authorization
|
CVE-2026-39715
|
2026-04-25 03:05 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
